E-6
Cisco Security Appliance Command Line Configuration Guide
OL-10088-01
Appendix E Configuring an External Server for Authorization and Authentication
Configuring an External LDAP Server
Table E-2 Security Appliance Supported LDAP Cisco Schema Attributes
| Attribute Name/OID (Object Identifier) | VPN 3000 / ASA / PIX | Attr. OID¹ | Syntax/Type | Single or Multi-Valued | Possible Values |
|---|---|---|---|---|---|
| cVPN3000-Access-Hours | Y Y Y | 1 | String | Single | Name of the time-range (i.e., Business-Hours) |
| cVPN3000-Simultaneous-Logins | Y Y Y | 2 | Integer | Single | 0-2147483647 |
| cVPN3000-Primary-DNS | Y Y Y | 3 | String | Single | An IP address |
| cVPN3000-Secondary-DNS | Y Y Y | 4 | String | Single | An IP address |
| cVPN3000-Primary-WINS | Y Y Y | 5 | String | Single | An IP address |
| cVPN3000-Secondary-WINS | Y Y Y | 6 | String | Single | An IP address |
| cVPN3000-SEP-Card-Assignment | | 7 | Integer | Single | Not used |
| cVPN3000-Tunneling-Protocols | Y Y Y | 8 | Integer | Single | 1 = PPTP; 2 = L2TP; 4 = IPSec; 8 = L2TP/IPSec; 16 = WebVPN. 8 and 4 are mutually exclusive (0 - 11, 16 - 27 are legal values) |
| cVPN3000-IPSec-Sec-Association | Y | 9 | String | Single | Name of the security association |
| cVPN3000-IPSec-Authentication | Y | 10 | Integer | Single | 0 = None; 1 = RADIUS; 2 = LDAP (authorization only); 3 = NT Domain; 4 = SDI; 5 = Internal; 6 = RADIUS with Expiry; 7 = Kerberos/Active Directory |
| cVPN3000-IPSec-Banner1 | Y Y Y | 11 | String | Single | Banner string |
| cVPN3000-IPSec-Allow-Passwd-Store | Y Y Y | 12 | Boolean | Single | 0 = Disabled; 1 = Enabled |
| cVPN3000-Use-Client-Address | Y | 13 | Boolean | Single | 0 = Disabled; 1 = Enabled |
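
Added example (not part of the Cisco guide): a Python check that validates attribute values pulled from an LDAP user entry against the constraints listed in Table E-2, including the cVPN3000-Tunneling-Protocols bitmask and its rule that 4 and 8 cannot be combined. The function names, the sample entry, and the assumption that Boolean attributes are stored as the strings "0" and "1" are illustrative.

```python
# Value constraints transcribed from Table E-2; helper names are illustrative.
TUNNEL_BITS = {1: "PPTP", 2: "L2TP", 4: "IPSec", 8: "L2TP/IPSec", 16: "WebVPN"}
# Assumption: Boolean attributes are stored as the strings "0" / "1".
BOOLEAN_ATTRS = {"cVPN3000-IPSec-Allow-Passwd-Store", "cVPN3000-Use-Client-Address"}


def decode_tunneling(value):
    """Return the protocol names enabled by a Tunneling-Protocols bitmask."""
    if value < 0 or value & ~31:
        raise ValueError(f"{value} sets bits outside the 1/2/4/8/16 flags")
    if value & 4 and value & 8:
        raise ValueError(f"{value} combines 4 (IPSec) and 8 (L2TP/IPSec)")
    return [name for bit, name in TUNNEL_BITS.items() if value & bit]


def legal_tunneling_values():
    """Enumerate every bitmask that passes decode_tunneling()."""
    legal = []
    for candidate in range(32):
        try:
            decode_tunneling(candidate)
            legal.append(candidate)
        except ValueError:
            pass
    return legal


def check_entry(attrs):
    """Validate a dict of attribute-name -> string value; return problems found."""
    problems = []
    for name, raw in attrs.items():
        try:
            if name == "cVPN3000-Tunneling-Protocols":
                decode_tunneling(int(raw))
            elif name == "cVPN3000-Simultaneous-Logins" and not 0 <= int(raw) <= 2147483647:
                raise ValueError(f"{raw} is outside 0-2147483647")
            elif name == "cVPN3000-IPSec-Authentication" and int(raw) not in range(8):
                raise ValueError(f"{raw} is not one of the values 0-7")
            elif name in BOOLEAN_ATTRS and raw not in ("0", "1"):
                raise ValueError(f"{raw!r} is not 0 or 1")
        except ValueError as exc:
            problems.append(f"{name}: {exc}")
    return problems


# Constructed sample entry: two values violate the table's constraints.
SAMPLE_ENTRY = {
    "cVPN3000-Access-Hours": "Business-Hours",
    "cVPN3000-Simultaneous-Logins": "3",
    "cVPN3000-Tunneling-Protocols": "12",   # 4 + 8, mutually exclusive
    "cVPN3000-IPSec-Authentication": "9",   # not in 0-7
    "cVPN3000-Use-Client-Address": "1",
}
```

Enumerating the accepted bitmasks reproduces the table's "0 - 11, 16 - 27" range, which is exactly the set of 5-bit values that do not set both 4 and 8.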